<div style="position: absolute; top: 1px; left: 1px; background: white; overflow: scroll; border: 2px solid #FF0000; height: 800px;">
<!--- Log Error Message --->
<cfset errorbrief="Not Specified.">
<cfset fullerror="No error report could be generated.">

<cfinclude template="config/config.cfm">

<!--- Email Error Message --->
<cfsavecontent variable="extradetail">
<cfoutput>
<style>
td,th{font:11px verdana;}
th{text-align:left;font-weight:bold;background-color:##EEE;}
th,td{vertical-align:top;}
</style>
<h4>Error Report</h4>
<table cellpadding="5" cellspacing="1" border="0" width="100%">
	<tr>
		<th>Date:</th>
		<td>#dateFormat(now(),"m/d/yy")# #timeFormat(now(),"h:mm tt")#</td>
	</tr>
	<tr>
		<th>URL:</th>
		<td><cfset theURL = #request.homeurl#>
        	<cfset theURL = replacenocase(theURL, request.absolutepath, "", "ALL")>
			<cfset theURL = theURL & cgi.script_name>
			<cfif Len(CGI.query_string)>
				<cfset theURL = theURL & "?" & CGI.query_string>
                <!---<cfset repstring = "&user=#request.adminusername#&pass=#request.adminpassword#">
                <cfset theURL = replacenocase(theURL, repstring, "", "ALL")>--->
			</cfif>
			<cfset theURL = replace(theURL,"//","/","ALL")>
            <cfset theURL = replace(theURL,"http:/","http://","ALL")>
			<a href="#theURL#">#theURL#</a>
		</td>
	</tr>
	<tr>
		<th>Visitor IP:</th>
		<td>#cgi.REMOTE_ADDR#
	  </td>
	</tr>    
	<tr>
		<th>Browser:</th>
		<td>#cgi.HTTP_USER_AGENT#
	  </td>
	</tr>   
	<tr>
		<th>Application:</th>
		<td><cfif isdefined('application.applicationnname')>#Application.applicationname#</cfif></td>
	</tr>
<cfif isdefined('cfcatch')>
	<cfset infoList = "Message,Type,Browser,Httpreferer,Rootcause,Tagcontext">
	<cfloop list="#infoList#" index="errorItem">
		<cfif StructKeyExists(cfcatch,errorItem)>
		<tr>
			<th>#errorItem#:</th>
			<td><cfdump var="#cfcatch[errorItem]#"></td>
		</tr>

        <cfif errorItem IS 'Message'>
        	<cfset errorbrief = "#replace(cfcatch.message, '/', '//', 'ALL')#  Error Occurred on line #cfcatch.Tagcontext[1].LINE# in #replace(cfcatch.Tagcontext[1].template, '/', '//', 'ALL')#">
		</cfif>
	
        </cfif> 
	</cfloop>
</cfif>    
    <tr>
    	<th>Form Variables:</th>
        <td><cfif isdefined('form')><cfdump var="#form#"><cfelse>none</cfif></td>    
	</tr>
    <tr>
    	<th>URL Variables:</th>
        <td><cfif isdefined('url')><cfdump var="#url#"><cfelse>none</cfif></td>    
	</tr>
</table>
</cfoutput>
</cfsavecontent>

<!---autoban hack attempts--->
<!---hack attempts try to use mysql commands the shopping cart doesn't use, especially in query strings so it's easy to find out if someone is trying to hack.  Therefore, they are banned on their first
attempt so they don't fill up our error log--->
<cfif CGI.query_string CONTAINS '+union' OR CGI.query_string CONTAINS '+concat' OR CGI.query_string CONTAINS '+all' OR CGI.query_string CONTAINS '%20and%20' OR CGI.query_string CONTAINS '+or'>
	
    <!---create the file if it doesn't exist--->
	<cfif NOT fileexists('#request.basepath#config/banned.cfm')>
	    <cffile action = "write" file="#request.basepath#config/banned.cfm" output="">	
    </cfif>

	<!---append the ip address--->
  	<cffile action = "append" file="#request.basepath#config/banned.cfm" output="#cgi.REMOTE_ADDR#">

</cfif>

<cfset extradetail = replacenocase(extradetail, "\", "\\", "ALL")>
<cfset fullerror = '#extradetail#'>

<cfquery name = "qryErrors" datasource="#request.dsn#">
SELECT * FROM core_errorlog WHERE brief = <cfqueryparam value="#errorbrief#" cfsqltype="cf_sql_longvarchar">
</cfquery>
<cfset rightnow = now()>

<cfif qryErrors.recordcount IS 0><!---prevent duplicate entries--->
    <cfquery name = "qryLogError" datasource="#request.dsn#">
    INSERT INTO core_errorlog
    (errordetail, errordate, brief, errorid)
    VALUES
    (<cfqueryparam value="#fullerror#" cfsqltype="cf_sql_longvarchar">,
    #createodbcdatetime(rightnow)#, 
    <cfqueryparam value="#errorbrief#" cfsqltype="cf_sql_longvarchar">,
    <cfqueryparam value="0" cfsqltype="cf_sql_longvarchar">)
    </cfquery>
</cfif>
 
<cfif NOT request.debug IS 'On'>
<p align="left"><strong>
<h2>Sorry, We are experiencing technical difficulties!</h2>
</strong><br></p>
<p align="left"><strong>We appolgize for the inconvenience, but we were unable to process your request.
A report of the generated error was sent to the webmaster along with some information about your
browser and ip address.<br>
</strong>
<p><strong>
You do not need to contact us about this error because we will be automatically notified.
Thank you for your patience.</strong></p>
<cfelse>
<cfoutput>
<h2>An Error Occurred While Processing This Request.</h2>
Details of the error are shown below for the website administrator, and have been logged for troubleshooting purposes.  <br />
We appologize for this incovenience, and we will fix this as soon as possible.
<p>
#replace(fullerror, "\\", "\", "ALL")#
</cfoutput>
</cfif>

<cfif NOT request.debug IS 'On'>
	<cflocation url = "#request.abolutepath#errorpage.cfm">
</cfif>
</div>